Mitigating Human Error and Helping with the Zero Trust Approach

How to mitigate risks linked to connecting to Cloud?

The Cloud has enabled organisations to be more flexible and agile, but quite often organisations move to the cloud so quickly that their security has not kept up. This can mean that new attack surfaces are created, leaving them vulnerable.

Organisations need to take a proactive approach to cyber security and understand that a traditional security perimeter of their network no longer suffices. They instead require a framework that considers all security implications, with multiple layers of protection, and proactive threat monitoring and engagement.

Essentially, moving to the cloud means that you cannot have an impassable wall around your closed network, but must instead have layers of defences around a core network that contains your most important data and assets.

Would effective employee training be beneficial in mitigating human error and help with the Zero Trust approach?

Absolutely – organisations need to constantly work on improving their security posture, and improving the knowledge and capabilities of your employees is one of the most important parts of this. It is vital that security is considered a key topic for both business leaders and their employees, and that they not only understand the threats that affect your organisation, but how those threats also affect them and their data.

At BT, we have 3000 cyber security experts working to secure our business and our customers, and we have spent a lot of time and effort to ensure all of BT (from Board level down) understands the importance of security and the investment & strategy required to deal with the risks. Communication is vital when it comes to raising awareness of security and identifying risks, so we have a dedicated Security Group on Workplace to create a live feed of information and to call out any experiences people have.

Issuing company-wide mandatory training should be done to ensure employees are mindful of security, and as the scale of the threat grows, it is worth developing people’s training and skills. Especially now as remote working is reaching a new level of normality, businesses must consider not only how to keep their connections as secure as possible, but also communicate regularly with their employees, and maintain good cyber hygiene.

What does the future hold for cyber security? Will the developments be postponed or sped up due to the recent global situation?

The pandemic has massively changed the way we use technology, with many of us working from home and more of our daily lives being moved online, including learning, shopping and human connections. As a result, people have recognised even more that cyber security should no longer be an afterthought, and instead needs to be considered as an essential part of everything we do.

I think the global situation has elevated the need for a cyber security strategy to be implemented throughout organisations. Organisations need to be prepared to make essential risk-based decisions and work collaboratively both within the organisation and with network and security providers, to ensure there are rigorous plans ready for any unexpected situations.

---

Hila MELLER, Vice President Security Europe from BT has more than 20 years of experience in the security world.

During her career, she has worked with some of the world’s best-known brands and international organisations to protect their IT estate and business assets, while taking them through digital transformation initiatives.

She is experienced in leading diverse international security teams and has done so for several large Fortune 500 companies. Hila has a bachelor’s degree in computer science and mathematics, and an executive MBA. She is a passionate public speaker and an enthusiastic advocate of diversity in technical fields.